/* DISABLE check_long_lines */
/* Copyright (c) Oracle Corporation 1996, 1997, 1998, 1999. All Rights Reserved. */
/* Copyright (c) Oracle Corporation 1996, 1997, 1998, 1999. All Rights Reserved. */
/*
* $Header: nzt.h 25-jun-99.15:02:15 skanjila Exp $
* $Header: nzt.h 25-jun-99.15:02:15 skanjila Exp $
*/
/*
* NAME
* nzt.h
*
* DESCRIPTION
* Toolkit public declarations.
*
* PUBLIC FUNCTIONS
* nztwOpenWallet - Open a wallet based on a WRL and pwd.
* nztwCloseWallet - Close a wallet.
* + nztwCreateWallet - Create a new wallet.
* + nztwDestroyWallet - Destroy an existing wallet.
* nztwRetrievePersonaCopy - Retrieve a copy of a particular persona.
* + nzteStorePersona - Store a persona in the wallet.
* nzteOpenPersona - Open a persona.
* nzteClosePersona - Close a persona.
* + nzteRemovePersona - Remove a persona from a wallet.
* + nzteCreatePersona - Create a persona.
* nzteDestroyPersona - Destroy a persona.
* nztiStoreTrustedIdentity - Store an identity with associated trust.
* nzteRetrieveTrustedIdentCopy - Retrieves a trusted identity from persona
* + nzteSetProtection - Modify the protection set in a persona.
* + nzteGetProtection - Get the protection set in a persona
* nztePriKey - Get the Private Key (X509 Only)
* nzteMyCert - Get the Certificate (X509 only)
* nzteX509CreatePersona - Create a persona given an X509 Certificate.
* + nztiRemoveIdentity - Remove an identity from a persona.
* nztiCreateIdentity - Create an identity.
* nztiDuplicateIdentity - Create a complete copy of an identity.
* nztiAbortIdentity - Discard an unstored identity.
* nztidGetIdentityDesc - Gets Identity Description from Identity.
* nztidFreeIdentityDesc - Frees memory for Identity Desc object.
* nztSign - Generate an attached signature.
* + nztxSignExpansion - Determine size of signature.
* nztVerify - Verify an attached signature.
* nztValidate - Validate an identity.
* nztsd_SignDetached - Generate a detached signature.
* + nztxsd_SignDetachedExpansion - Determine size of detached signature.
* nztved_VerifyDetached - Verify a detached signature.
* + nztEncrypt - Symmetric key encryption.
* + nztxEncryptExpansion - Determine the tdu length for encryption.
* + nztDecrypt - Symmetric key decryption.
* + nztEnvelope - Sign then encrypt data for recipient(s).
* + nztDeEnvelope - Reverse nztEnvelope.
* + nztKeyedHash - Generate keyed hash.
* + nztxKeyedHashExpansion - Determine size of TDU for keyed hash.
* nztHash - Generate hash.
* + nztxHashExpansion - Determine the size of the TDU for a hash.
* nztSeedRandom - Seed the random number generator.
* nztrb_RandomBytes - Generate a series of random bytes.
* nztrn_RandomNumber - Generate a random number.
* nztbbInitBlock - Initialize a buffer block.
* nztbbReuseBlock - Reuse a buffer block.
* nztbbSizeBlock - Find the size of the buffer block.
* nztbbGrowBlock - Grow initialized buffer block by 'inc' bytes.
* nztbbPurgeBlock - Purge the memory used within a buffer block.
* nztbbSetBlock - Set block to known state.
* nztkec_PKEncrypt - Encrypt data then encrypt key for recipient.
* nztkdc_PKDecrypt - Decrypt PKEncrypt'ed data.
* nztific_FreeIdentityContent - Free the contents of an identity.
* nztifdn - Create an identity from a distinguished name
* nztcts_CipherSpecToStr - Converts the Cipher Spec Code To String
* nztiae_IsAuthEnabled - Checks to see if Authentication is Enabled
* in the current Cipher Spec.
* nztiae_IsEncrEnabled - Checks to see if Encryption is Enabled
* in the current Cipher Spec.
* nztiae_IsHashEnabled - Checks to see if Hashing is Enabled
* in the current Cipher Spec.
*
* NOTE: the '+' indicates that these functions are UNSUPPORTED at this time.
*
* NOTES
*
* MODIFIED
* skanjila 06/25/99 - Remove nztcts_CipherSpecToStr() to NZOS.
* skanjila 06/23/99 - Change API of nztcts_CipherSpecToStr.
* lkethana 06/18/99 - rem nztIPrivateAlloc, etc
* lkethana 06/10/99 - changing size_t to ub4
* lkethana 06/02/99 - add api for getting auth/encry/hash capability of c
* arswamin 12/28/98 - add NZT_MAX_MD5.
* arswamin 12/21/98 - change signature of compareDN
* qdinh 12/21/98 - change size_t to ub4.
* inetwork 11/22/98 - Removing NZDEPRECATED definition
* amthakur 09/14/98 - deprecating and updating the c-structures.
* arswamin 09/24/98 - adding NZTTWRL_NULL for SSO support.
* amthakur 07/30/98 - changing the prototype of nztGetCertChain.
* qdinh 05/01/98 - add NZTTIDENTTYPE_INVALID_TYPE
* qdinh 04/17/98 - add NZTTWRL_ORACLE.
* ascott 10/08/97 - implement nztiStoreTrustedIdentity
* ascott 10/07/97 - add nztiGetIdentityDesc
* ascott 09/28/97 - clarify prototype comments and error codes
* ascott 09/05/97 - update identity: create, destroy, duplicate
* ascott 08/21/97 - add GetCert and GetPriKey
* ascott 08/07/97 - add other WRL settings
* asriniva 03/25/97 - Add ANSI prototypes
* rwessman 03/19/97 - Added prototypes for nztific_FreeIdentityContent()
* asriniva 03/11/97 - Fix olint errors
* sdange 02/28/97 - Removed inclusion of nz0decl.h
* sdange 02/18/97 - Moved nzt specific declarations from nz0decl.h
* asriniva 01/21/97 - Remove prototypes.
* asriniva 10/31/96 - Include oratypes.h
* asriniva 10/15/96 - Declare buffer block helper functions
* asriniva 10/08/96 - First pass at wallet open/close
* asriniva 10/04/96 - Add random number seed function
* asriniva 10/03/96 - Reorder parameters in nztbbSetBlock
* asriniva 10/03/96 - Keep editing.
* asriniva 10/03/96 - Continued edits.
* asriniva 10/02/96 - Continue editing.
* asriniva 09/26/96 -
*/
/* ENABLE check_long_lines */
#ifndef NZT_ORACLE
#define NZT_ORACLE
#ifndef ORATYPES
# include "oratypes.h"
#endif /* ORATYPES */
#ifndef NZERROR_ORACLE
# include "nzerror.h" /* NZ error type */
#endif /* NZERROR_ORACLE */
/* Digest lengths, in bytes, of the hash algorithms the toolkit exposes. */
#define NZT_MAX_SHA1 20 /* SHA-1 digest: 160 bits */
#define NZT_MAX_MD5 16 /* MD5 digest: 128 bits */
/***************************************/
/* PUBLIC CONSTANTS, MACROS, AND TYPES */
/***************************************/
/*
* Wallet Resource Locator Type Strings
*
* WRL TYPE PARAMETERS BEHAVIOR
* ======== ========== =====================================
* default: <none> Uses directory defined by the parameter
* SNZD_DEFAULT_FILE_DIRECTORY which in
* unix is "$HOME/oracle/oss"
*
* file: file path example: file:/home/ascott
*
* sqlnet: <none> In this case, the directory path will be
* retrieved from the sqlnet.ora file under
* the oss.source.my_wallet parameter.
*
*/
/* Note that there is no NZT_NULL_WRL. Instead look in snzd.h for DEFAULT_WRP
* which is used in our new defaulting mechanism. The NZT_DEFAULT_WRL
* should be deprecated.
*/
/*
 * WRL prefix strings. Each one is a string literal cast to (text *),
 * which hides the literal's read-only nature from the type system:
 * callers must never write through these pointers (writing into a
 * string literal is undefined behavior).
 */
#define NZT_DEFAULT_WRL ((text *)"default:") /* deprecated; see DEFAULT_WRP note above */
#define NZT_SQLNET_WRL ((text *)"sqlnet:") /* directory taken from sqlnet.ora */
#define NZT_FILE_WRL ((text *)"file:") /* explicit directory path follows */
#define NZT_ORACLE_WRL ((text *)"oracle:") /* wallet held in the OSS database */
#define NZT_NO_PASSWORD ((text *)"") /* NEVER USED: empty password sentinel */
/*
 * Wallet Resource Locator types. The enumerators parallel the
 * NZT_*_WRL prefix strings defined above; NZTTWRL_NULL has no string
 * form and belongs to the SSO defaulting mechanism.
 */
enum nzttwrl
{
  NZTTWRL_DEFAULT = 1, /* Default, use SNZD_DEFAULT_FILE_DIRECTORY */
  NZTTWRL_SQLNET, /* Use oss.source.my_wallet in sqlnet.ora file */
  NZTTWRL_FILE, /* Find the wallet in this directory */
  NZTTWRL_ORACLE, /* Get the wallet from OSS db */
  NZTTWRL_NULL /* New SSO defaulting mechanism */
};
typedef enum nzttwrl nzttwrl;
#ifndef NZ0DECL_ORACLE
/*
 * With the elimination of nz0decl.h from public, we need this
 * redundant typedef. Guarded so that a translation unit which does
 * include nz0decl.h does not see the typedef twice.
 */
typedef struct nzctx nzctx; /* toolkit context; opaque to clients */
#endif /* NZ0DECL_ORACLE */
/*
 * Moved from nz0decl.h.
 *
 * Forward declarations of the toolkit's handle types. Only nzttWallet
 * and nzttBufferBlock are completed in this header; the others remain
 * incomplete here, so client code can hold pointers to them but cannot
 * inspect or allocate them directly.
 */
typedef struct nzttIdentity nzttIdentity;
typedef struct nzttIdentityPrivate nzttIdentityPrivate; /* implementation-private */
typedef struct nzttPersona nzttPersona;
typedef struct nzttPersonaPrivate nzttPersonaPrivate; /* implementation-private */
typedef struct nzttWallet nzttWallet;
typedef struct nzttWalletPrivate nzttWalletPrivate; /* implementation-private */
typedef struct nzttWalletObj nzttWalletObj; /* For wallet object */
/*
* Crypto Engine State
*
* Once the crypto engine (CE) has been initialized for a particular
* cipher, it is either at the initial state, or it is continuing to
* use the cipher. NZTTCES_END is used to change the state back to
* initialized and flush any remaining output. NZTTCES_RESET can be
* used to change the state back to initialized and throw away any
* remaining output.
*/
/*
 * Crypto engine state transitions requested by the caller on each
 * call; see the description above. Values start at 1 so that a
 * zero-initialized variable does not accidentally read as a valid state.
 */
enum nzttces
{
  NZTTCES_CONTINUE = 1, /* Continue processing input */
  NZTTCES_END, /* End processing input and flush remaining output */
  NZTTCES_RESET /* Reset processing and skip generating output */
};
typedef enum nzttces nzttces;
/*
* Crypto Engine Functions
*
* List of crypto engine categories; used to index into protection
* vector.
*/
/*
 * Crypto engine function categories. The values index a protection
 * vector, so NZTTCEF_LAST gives the vector size and new categories
 * must be appended before it, never inserted in the middle.
 */
enum nzttcef
{
  NZTTCEF_DETACHEDSIGNATURE = 1, /* Signature, detached from content */
  NZTTCEF_SIGNATURE, /* Signature combined with content */
  NZTTCEF_ENVELOPING, /* Signature and encryption with content */
  NZTTCEF_PKENCRYPTION, /* Encryption for one or more recipients */
  NZTTCEF_ENCRYPTION, /* Symmetric encryption */
  NZTTCEF_KEYEDHASH, /* Keyed hash/checksum */
  NZTTCEF_HASH, /* Hash/checksum */
  NZTTCEF_RANDOM, /* Random byte generation */
  NZTTCEF_LAST /* Used for array size */
};
typedef enum nzttcef nzttcef;
/*
* State of the persona.
*/
/*
 * Persona lifecycle state. NZTTSTATE_EMPTY is 0 so that a
 * zero-initialized persona reads as "no state".
 */
enum nzttState
{
  NZTTSTATE_EMPTY = 0, /* not in any state (no request or certificate yet) */
  NZTTSTATE_REQUESTED, /* certificate request outstanding */
  NZTTSTATE_READY, /* certificate present and usable */
  NZTTSTATE_INVALID, /* certificate present but not usable — TODO confirm */
  NZTTSTATE_RENEWAL /* renewal requested */
};
typedef enum nzttState nzttState;
/*
* Cert-version types
*
* This is used to quickly look-up the cert-type
*/
/*
 * Certificate version tags. Note that NZTTVERSION_INVALID_TYPE takes a
 * different numeric value depending on whether NZDEPRECATED is defined,
 * so this enum is not ABI-stable across that configuration.
 */
enum nzttVersion
{
  NZTTVERSION_X509v1 = 1, /* X.509v1 */
  NZTTVERSION_X509v3, /* X.509v3 */
#ifdef NZDEPRECATED
  NZTTVERSION_SYMMETRIC, /* Symmetric (deprecated) */
#endif
  NZTTVERSION_INVALID_TYPE /* For Initialization */
};
typedef enum nzttVersion nzttVersion;
/*
* Cipher Types
*
* List of all cryptographic algorithms, some of which may not be
* available.
*/
/*
 * Cipher type identifiers. This list dates from the late 1990s: DES,
 * RC4, MD5 and the MD5-based PBE schemes are now considered weak and
 * should not be selected for new deployments; availability of any
 * entry is not guaranteed (see the comment above).
 */
enum nzttCipherType
{
  NZTTCIPHERTYPE_RSA = 1, /* RSA public key */
  NZTTCIPHERTYPE_DES, /* DES (56-bit key; legacy) */
  NZTTCIPHERTYPE_RC4, /* RC4 (stream cipher; legacy) */
  NZTTCIPHERTYPE_MD5DES, /* DES encrypted MD5 with salt (PBE; legacy) */
  NZTTCIPHERTYPE_MD5RC2, /* RC2 encrypted MD5 with salt (PBE; legacy) */
  NZTTCIPHERTYPE_MD5, /* MD5 hash (legacy) */
  NZTTCIPHERTYPE_SHA /* SHA; presumably SHA-1 given NZT_MAX_SHA1 above — confirm */
};
typedef enum nzttCipherType nzttCipherType;
/*
* TDU Formats
*
* List of possible toolkit data unit (TDU) formats. Depending on the
* function and cipher used, some may not be available.
*/
/*
 * Toolkit data unit (TDU) encodings. NZTTTDUFMT_LAST is used for array
 * sizing, so new formats must be appended before it.
 */
enum nztttdufmt
{
  NZTTTDUFMT_PKCS7 = 1, /* PKCS7 format */
  NZTTTDUFMT_RSAPAD, /* RSA padded format */
  NZTTTDUFMT_ORACLEv1, /* Oracle v1 format */
  NZTTTDUFMT_LAST /* Used for array size */
};
typedef enum nztttdufmt nztttdufmt;
/*
* Validate State
*
* Possible validation states an identity can be in.
*/
/*
 * Identity validation state. Values start at 1, so a zero-initialized
 * field is not a valid state and should be treated as "unknown".
 */
enum nzttValState
{
  NZTTVALSTATE_NONE = 1, /* Needs to be validated */
  NZTTVALSTATE_GOOD, /* Validated */
  NZTTVALSTATE_REVOKED /* Failed to validate */
};
typedef enum nzttValState nzttValState;
/*
* Policy Fields <----NEW (09/14/98)
*
* Policies enforced
*/
/*
 * Wallet policy codes. Beyond NZTTPOLICY_NONE the enumerators encode a
 * decryption retry count equal to their ordinal (RETRY_1 = 1, ... ,
 * RETRY_3 = 3).
 */
enum nzttPolicy
{
  NZTTPOLICY_NONE = 0, /* no policy enforced */
  NZTTPOLICY_RETRY_1, /* number of retries for decryption = 1 */
  NZTTPOLICY_RETRY_2, /* number of retries for decryption = 2 */
  NZTTPOLICY_RETRY_3 /* number of retries for decryption = 3 */
};
typedef enum nzttPolicy nzttPolicy;
/*
* Persona Usage <----NEW (09/14/98)
*
* what a persona will be used for?
*/
/*
 * Intended use of a persona.
 */
enum nzttUsage
{
  NZTTUSAGE_NONE = 0, /* no specific usage */
  NZTTUSAGE_SSL /* persona for SSL usage */
};
typedef enum nzttUsage nzttUsage;
/*
* Personas and identities have unique id's that are represented with
* 128 bits.
*/
typedef ub1 nzttID[16]; /* 128-bit persona/identity id as 16 raw bytes; not NUL-terminated */
/*
* Identity Types
*
* List of all Identity types..
*/
/*
 * Identity types. NZTTIDENTITYTYPE_CERTIFICTAE is misspelled but is
 * part of the public API, so the spelling must be kept for source
 * compatibility.
 */
enum nzttIdentType
{
  NZTTIDENTITYTYPE_INVALID_TYPE = 0, /* unset / zero-initialized */
  NZTTIDENTITYTYPE_CERTIFICTAE, /* certificate (sic) */
  NZTTIDENTITYTYPE_CERT_REQ, /* certificate request */
  NZTTIDENTITYTYPE_RENEW_CERT_REQ, /* renewal certificate request */
  NZTTIDENTITYTYPE_CLEAR_ETP, /* meaning of ETP not stated here — TODO confirm */
  NZTTIDENTITYTYPE_CLEAR_UTP, /* meaning of UTP not stated here — TODO confirm */
  NZTTIDENTITYTYPE_CLEAR_PTP /* meaning of PTP not stated here — TODO confirm */
};
typedef enum nzttIdentType nzttIdentType;
/*
* Timestamp as 32 bit quantity in UTC.
*/
typedef ub1 nzttTStamp[4]; /* 32-bit UTC timestamp as 4 raw bytes; byte order, epoch and signedness are not stated here — confirm before doing arithmetic, a 32-bit counter wraps */
/*
* Buffer Block
*
* A function that needs to fill (and possibly grow) an output buffer
* uses an output parameter block to describe each buffer.
*
* The flags_nzttBufferBlock member tells the function whether the
* buffer can be grown or not. If flags_nzttBufferBlock is 0, then
* the buffer will be realloc'ed automatically.
*
* The buflen_nzttBufferBlock member is set to the length of the
* buffer before the function is called and will be the length of the
* buffer when the function is finished. If buflen_nzttBufferBlock is
* 0, then the initial pointer stored in pobj_nzttBufferBlock is
* ignored.
*
* The objlen_nzttBufferBlock member is set to the length of the
* object stored in the buffer when the function is finished. If the
* initial buffer had a non-0 length, then it is possible that the
* object length is shorter than the buffer length.
*
* The pobj_nzttBufferBlock member is a pointer to the output object.
*/
/*
 * Output buffer descriptor; see the description above.
 *
 * NOTE(review): the description above refers to objlen_nzttBufferBlock
 * and pobj_nzttBufferBlock; the actual members are
 * usedlen_nzttBufferBlock and buffer_nzttBufferBlock.
 *
 * When NZT_NO_AUTO_REALLOC is set in flags_nzttBufferBlock the callee
 * must not grow the buffer, so the caller is responsible for sizing
 * buflen_nzttBufferBlock; presumably the callee reports an error rather
 * than writing past that length — confirm against the implementation.
 */
struct nzttBufferBlock
{
# define NZT_NO_AUTO_REALLOC 0x1 /* flag: callee may not realloc the buffer */
  uword flags_nzttBufferBlock; /* Flags (NZT_NO_AUTO_REALLOC or 0) */
  ub4 buflen_nzttBufferBlock; /* Total length of buffer, in bytes */
  ub4 usedlen_nzttBufferBlock; /* Length of used buffer part, in bytes */
  ub1 *buffer_nzttBufferBlock; /* Pointer to buffer; ignored on input when buflen is 0 */
};
typedef struct nzttBufferBlock nzttBufferBlock;
/*
* Wallet.
*/
struct nzttWallet
{
ub1 *ldapName_nzttWallet; /* user's LDAP Name */
ub4 ldapNamelen_nzttWallet; /* len of user's LDAP Name */
nzttPolicy securePolicy_nzttWallet; /* secured-policy of the wallet */
nzttPolicy openPolicy_nzttWallet; /* open-policy of the wallet */
nzttPersona *persona_nzttWallet; /* List of personas in wallet */
nzttWalletPrivate *private_nzttWallet; /* Private wallet information */
#ifdef NZDEPRECATED
ub4 npersona_nzttWallet; /* Number of personas */
#endif